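<?php
/**
 * Admin registration handler.
 *
 * On a submitted form it checks that username, full name and password are
 * present, rejects a username that already exists, validates the three fields
 * and inserts a new row into `admin`. Validation messages are left in
 * $error1..$error4 as ready-to-print Bootstrap alerts.
 *
 * NOTE(review): nothing in this fragment checks that the requester is already
 * an authenticated administrator or that the POST carries a CSRF token.
 * Confirm the including page enforces both before this code runs.
 */
global $db;
// require("../config/db.php");
global $error1, $error2, $error3, $error4;
$full_name = $username = $password = "";

if (isset($_POST['submit'])) {
    // Request fields are untrusted. Accept strings only, so a missing field or
    // an array-valued one (username[]=x) becomes "" instead of reaching the
    // string functions below.
    // $username and $full_name keep the raw submitted text; escape them with
    // htmlspecialchars() wherever the surrounding page echoes them back.
    $username    = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : "";
    $ad_password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : "";
    $full_name   = (isset($_POST['full_name']) && is_string($_POST['full_name'])) ? $_POST['full_name'] : "";

    if ($username !== "" && $ad_password !== "" && $full_name !== "") {
        // The username is bound as a parameter. The previous version
        // interpolated the raw POST value into the SELECT before any escaping,
        // which allowed SQL injection.
        $lookup = mysqli_prepare($db, "SELECT username FROM admin WHERE username = ?");
        if (!$lookup) {
            // Driver errors go to the server log, not to the browser.
            error_log("Admin registration: username lookup failed: " . mysqli_error($db));
            die("QUERY FAILED");
        }
        mysqli_stmt_bind_param($lookup, "s", $username);
        if (!mysqli_stmt_execute($lookup)) {
            error_log("Admin registration: username lookup failed: " . mysqli_stmt_error($lookup));
            die("QUERY FAILED");
        }
        mysqli_stmt_store_result($lookup);
        $count = mysqli_stmt_num_rows($lookup);
        mysqli_stmt_close($lookup);

        if ($count > 0) {
            $error1 = "<div class='alert alert-danger'>
                <a href='#' class='close' data-dismiss='alert' aria-label='close'>×</a>
                Username Already Exists.
                </div>";
        } else {
            // Validate the raw input. \A...\z anchors the whole string; a bare
            // `$` would also accept a value with a trailing newline.
            $username_ok = preg_match('/\A[a-zA-Z]+\z/', $username) === 1;
            $fullname_ok = preg_match('/\A[a-zA-Z]+\z/', $full_name) === 1;
            // 7-15 non-space characters with at least one lowercase letter, one
            // uppercase letter and one digit, matching the message shown to the
            // user. The earlier pattern used literal `S` and `[d]` where the
            // classes \S and \d were intended.
            $password_ok = preg_match('/\A(?=\S*[a-z])(?=\S*[A-Z])(?=\S*\d)\S{7,15}\z/', $ad_password) === 1;

            if (!$username_ok) {
                $error2 = "<div class='alert alert-danger'>
                    <a href='' class='close' data-dismiss='alert' aria-label='close'>×</a>
                    Only Leters are Allowed For Username.
                    </div>";
            }
            if (!$fullname_ok) {
                $error3 = "<div class='alert alert-danger'>
                    <a href='' class='close' data-dismiss='alert' aria-label='close'>×</a>
                    Only Leters are Allowed For Fullname.
                    </div>";
            }
            if (!$password_ok) {
                $error4 = "<div class='alert alert-danger'>
                    <a href='' class='close' data-dismiss='alert' aria-label='close'>×</a>
                    Password Must Be Between 7 and 15 Characters and Must Contain At Least One Lowercase Letter one uppercase Letter and One Digit.
                    </div>";
            }

            if ($username_ok && $fullname_ok && $password_ok) {
                // password_hash() generates a fresh random salt per password and
                // stores it inside the hash. The earlier code reused the
                // randSaltPass value of whichever admin row came back first, and
                // had no salt at all when the table was empty.
                // The `password` column must be wide enough for the hash
                // (VARCHAR(255) is the usual choice) - TODO confirm the schema.
                $password = password_hash($ad_password, PASSWORD_DEFAULT);
                if (!is_string($password)) {
                    error_log("Admin registration: password hashing failed");
                    die("QUERY FAILED");
                }

                // NOTE(review): the existence check above and this INSERT are
                // separate statements, so two concurrent requests can both pass
                // the check; a UNIQUE index on admin.username closes that gap.
                $insert = mysqli_prepare($db, "INSERT INTO admin(username, password, admin_name) VALUES(?, ?, ?)");
                if (!$insert) {
                    error_log("Admin registration: insert failed: " . mysqli_error($db));
                    die("QUERY FAILED");
                }
                mysqli_stmt_bind_param($insert, "sss", $username, $password, $full_name);
                if (!mysqli_stmt_execute($insert)) {
                    error_log("Admin registration: insert failed: " . mysqli_stmt_error($insert));
                    die("QUERY FAILED");
                }
                mysqli_stmt_close($insert);
            }
        }
    } else {
        if ($username === "") {
            $error2 = "<div class='alert alert-danger'>
                <a href='' class='close' data-dismiss='alert' aria-label='close'>×</a>
                Username Cannot Be Empty.
                </div>";
        }
        if ($full_name === "") {
            $error3 = "<div class='alert alert-danger'>
                <a href='' class='close' data-dismiss='alert' aria-label='close'>×</a>
                Fullname Cannot Be Empty.
                </div>";
        }
        // Test the submitted password. The earlier check looked at the hashed
        // value, which is not empty even when the password field was left blank.
        if ($ad_password === "") {
            $error4 = "<div class='alert alert-danger'>
                <a href='' class='close' data-dismiss='alert' aria-label='close'>×</a>
                Password Cannot Be Empty.
                </div>";
        }
    }
}
?>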
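<?php
/**
 * Authenticates an administrator against the `admin` table and, on success,
 * opens an authenticated session and redirects to the admin page.
 *
 * The stored password is checked with password_verify(), which accepts hashes
 * produced by password_hash() and by crypt(). The earlier version compared an
 * unsalted md5() digest inside the SQL query; rows that hold such MD5 digests
 * no longer verify and need a password reset.
 */
class Admin_Login
{
    /** @var string Username exactly as passed to the constructor. */
    private $_username;

    /** @var string Submitted plaintext password; held only for verification. */
    private $_password;

    /**
     * @param string $c_username Submitted username.
     * @param string $c_password Submitted plaintext password.
     */
    public function __construct($c_username, $c_password) {
        $this->_username = $c_username;
        // Keep the plaintext so AdminLogin() can run password_verify() and so
        // the empty-password check below can fire (md5("") was never "").
        $this->_password = (string) $c_password;
    }

    /**
     * Runs the login attempt.
     *
     * On failure the messages are stored in $_SESSION['ERROR_MSG_ARR'], the
     * browser is redirected to index.php and the script exits. On success the
     * session id is regenerated, ADMIN_ID and ADMIN_NAME are stored in the
     * session and a redirect to admin_page.php is sent.
     *
     * @return mysqli_result The lookup result, already freed, as before.
     */
    public function AdminLogin() {
        global $db;

        // Start the session unless the caller already did.
        if (session_status() !== PHP_SESSION_ACTIVE) {
            session_start();
        }

        $error_msg_array = array();
        if ($this->_username == "") {
            $error_msg_array[] = "Please input your username";
        }
        if ($this->_password == "") {
            $error_msg_array[] = "Please input your password";
        }
        if ($error_msg_array) {
            $this->_failLogin($error_msg_array);
        }

        // Look the account up by username only; the password is verified in
        // PHP so that a salted hash can be used.
        $sql = "SELECT * FROM admin WHERE username = ? LIMIT 1";
        $stmt = $db->prepare($sql);
        if (!$stmt) {
            // prepare() returned false: there is no statement object to read an
            // error from and nothing to execute. Log the detail server-side
            // and stop.
            error_log("Admin_Login: prepare failed: " . $db->error);
            $this->_failLogin(array("Unable to process the login right now. Please try again later."));
        }
        $stmt->bind_param("s", $this->_username);
        $stmt->execute();
        $result = $stmt->get_result();
        $row = $result ? $result->fetch_assoc() : null;

        $stored_hash = ($row && isset($row["password"])) ? (string) $row["password"] : "";
        if ($stored_hash === "" || !password_verify($this->_password, $stored_hash)) {
            if ($result) {
                $result->free();
            }
            $stmt->close();
            // One message for both an unknown user and a wrong password, so the
            // response does not reveal which usernames exist.
            $this->_failLogin(array("The username and password you entered is incorrect."));
        }

        // Login successful. Passing true discards the pre-login session id so
        // it cannot be reused after authentication (session fixation).
        session_regenerate_id(true);
        $_SESSION['ADMIN_ID'] = $row["id"];
        // The registration code inserts the display name into `admin_name`;
        // fall back to `name` for schemas that use that column instead.
        $_SESSION['ADMIN_NAME'] = isset($row["admin_name"])
            ? $row["admin_name"]
            : (isset($row["name"]) ? $row["name"] : "");
        session_write_close();
        // NOTE(review): the redirect targets are fixed localhost URLs and must
        // be adjusted per deployment.
        header("location: http://localhost/voting_system/sandbox/admin_page.php");

        $result->free();
        $stmt->close();
        return $result;
    }

    /**
     * Stores the error messages in the session, redirects to the login page
     * and ends the request.
     *
     * @param array $messages Messages for $_SESSION['ERROR_MSG_ARR'].
     */
    private function _failLogin($messages) {
        $_SESSION['ERROR_MSG_ARR'] = $messages;
        header("location: http://localhost/voting_system/sandbox/index.php");
        exit();
    }
}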
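<?php
// Login form handler: loads the database connection and the Admin_Login
// class, then runs a login attempt when the form has been submitted.

//Include database connection
require("../../config/db.php");
//Include class Admin_Login
require("../classes/Admin_Login.php");

if (isset($_POST['submit'])) {
    // POST fields are untrusted. A missing field or an array-valued one
    // (username[]=x) becomes "" here instead of being handed to trim(), which
    // raises a notice for the former and a TypeError on PHP 8 for the latter.
    $username = (isset($_POST['username']) && is_string($_POST['username']))
        ? trim($_POST['username'])
        : "";
    $password = (isset($_POST['password']) && is_string($_POST['password']))
        ? trim($_POST['password'])
        : "";

    $adminLogin = new Admin_Login($username, $password);
    $rtnAdminLogin = $adminLogin->AdminLogin();
}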